- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)0 Responsive to communication(s) filed on . 



2a)n This action is FINAL. 2b)^ This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.
Disposition of Claims 

4) 13 Claim(s) 1-63 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) ^ Claim(s) 1-63 is/are rejected. 
7) □ Claim(s) is/are objected to.

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)n accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

11) 0 The proposed drawing correction filed on is: a)0 approved b)0 disapproved by the Examiner.

If approved, corrected drawings are required in reply to this Office action. 

12) n The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or(f). 

a)n All b)n Some* c)n None of:

1. □ Certified copies of the priority documents have been received.

2.n Certified copies of the priority documents have been received in Application No. . 

3.0 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application).

a) □ The translation of the foreign language provisional application has been received. 

15) ^ Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121.

DETAILED ACTION

1. Claims 1-63 have been examined. 

2. The Specification and claims 48-62 are objected. 

3. Claim 43 is rejected under 35 U.S.C. 112, 1st paragraph.

4. Claims 1-7, 14-19, 23-30, and 37-63 are rejected under 35 U.S.C. 102(e) 
with the priority date, May 2, 1997, of the Continuation-in-part application. 

5. Claims 8-13, 20-22, and 31-36 are rejected under 35 U.S.C. 103(a). 

6. Minor Informalities 

Specification 

7. The disclosure is objected to because of the following informalities: 

On page 1, Applicant needs to provide the updated status of the co-pending
applications Serial No. 08/994,709 that is now a patent (US
6,266,335) and Serial No. 08/992,038 that is now in the state of allowance.
Further, Applicant fails to provide the Serial Numbers of the two co-pending
applications mentioned on lines 13 and 15.

On page 9, line 31 and page 14, line 6, Applicant fails to provide the US Patent
Application Serial Number.

Appropriate correction is required. 





Application/Control Number: 09/540,238
Art Unit: 2131

Claim Objections 



8. The numbering of claims is not in accordance with 37 CFR 1.126 which 
requires the original numbering of the claims to be preserved throughout the 
prosecution. When claims are canceled, the remaining claims must not be 
renumbered. When new claims are presented, they must be numbered 
consecutively beginning with the number next following the highest numbered
claims previously presented (whether entered or not). 

Misnumbered claims 48-62 have been renumbered 49-53. The 
dependency of the renumbered claims needs to be corrected as well. 

9. Claims 49 and 62 are objected to under 37 CFR 1.75(c), as being of 
improper dependent form for failing to further limit the subject matter of a 
previous claim. Applicant is required to cancel the claim(s), or amend the 
claim(s) to place the claim(s) in proper dependent form, or rewrite the claim(s) in 
independent form. 

The Examiner asserts Applicant appears to attempt to change a term used in 
independent claims 47 (for claim 49) and 57 (for claim 62): 

Claim 49 states "the computers". Claim 49 is improper because this claim is
dependent on another claim where there is no recitation of "the
computers". Claim 62 states, "the IP address". Also, there is no recitation of
"the IP address".

Claim Rejections - 35 USC §112



The following is a quotation of the second paragraph of 35 U.S.C. 112:

The specification shall conclude with one or more claims particularly pointing out and 
distinctly claiming the subject matter which the applicant regards as his invention. 

10. Claim 43 is rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

Claim 43 states a "third side" of a firewall. A review of the specification fails to 
disclose what is the first or the second side of a firewall for the Examiner to 
hypothesize what the third side of the firewall is. The Examiner ascertains that 
the first side would be the external side of the firewall and the second side is 
the internal and protected side of the firewall. In addition, a review of the 
figures fails to show an example of what the third side of a firewall might be.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 
that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), 
(2), and (4) of section 371(c) of this title before the invention thereof by the applicant for 
patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000.
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) 
prior to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

11. Claims 1-7, 14-19, 23-30, and 37-63 are rejected under 35 U.S.C. 102(e) as
being unpatentable over Coile, et al. (US 6,108,300).
As per claims 1 and 16: 

The Examiner found the term "flowswitch" somewhat unclear, so a 
review of the specification leads the Examiner to how the "flowswitch" is 
defined. On page 10 of the specification, states that the "flowswitch" is a 
configurable switch circuit and on page 4, states that the switch circuit is used 
to detect failures. So therefore for purposes of applying art, a "flowswitch" 
detects failures.

Coile, et al. teaches method for providing a failover for a variety of
network devices 300,310 such as firewalls (col. 5, lines 7-12) in a network
wherein the network includes servers 210,220 and a network flowswitch in the
form of a failover cable 230 (col. 5, lines 43-44).

Coile fails to point out that the network includes plurality of firewalls.
However, Coile did suggest examples of the variety of network devices, which
includes firewalls (col. 5, lines 7-12). Therefore, it is inherent that plurality of
firewalls includes in Coile's invention, so when a failure does occur, there is
another firewall to take the place of the unoperational (failed) firewall to
continuously protect the network from harmful intruders. Further, there exists
a primary server 210, a backup server 220, a primary network device 300, and
a secondary network device 310 (col. 6, lines 44-45). The failover cable
determines the status of the servers (col. 5, lines 43-48) and the failures of the
network devices (col. 6, lines 14-22). The network device periodically exchanges
confirmation messages along the failover cable via the network to indicate that
the network has not failed or sends a failure message indicating the network
device has failed (col. 6, lines 43-67). Once a failure is detected, an active MAC
address of a functional backup network device replaces the MAC address of the
failed network device (col. 6, line 67 thru col. 7, line 9). Thus (the Examiner
asserts), prevents the packets from being relayed to the failed network device,
therefore, the packets are relayed to the functional network device with the
active MAC address.

As per claim 2: See col. 5, lines 26-31.
As per claim 3: 

Coile discusses each switch is associated with each connection where different
network devices are connected at different ports (col. 10, lines 32-43). Therefore,
it is inherent to relay the packets to the functional firewalls over unshared 
ports so that packets can be forwarded to the standby device without confusion 
of which network device location has failed (col. 10, lines 26-30). 
As per claim 4: See col. 6, lines 16-20.
As per claim 5: See col. 11, lines 2-8.
As per claim 6: 

Coile suggests ARP but fails to describe the functions of an ARP in more detail. 
The Examiner asserts the use of ARP request is to determine the physical 
address of a node. The Examiner asserts it is inherent the function of an ARP 
request of Coile's invention is to find out the new address of the functional 
firewall (col. 12, lines 42-44). Therefore, Coile inherently teaches responding to 
the ARP requests with an active MAC address of a firewall. 
As per claim 7: 

Coile teaches the use of the PING test during a 5 seconds interval to 
determine if the remote device has failed (col. 11, lines 10-25). The Examiner 
asserts that Coile suggests the ICMP. As understood by the Examiner, Ping is 
to see whether the machine is connected to a destination such as the Internet 
and ICMP communicates errors and informs machines about an unreachable
destination. Therefore, the ICMP method for determining whether the
particular destination is reachable or operational.
As per claim 14: See col. 6, lines 14-19. 
As per claim 15: See col. 13, line 8. 

As per claim 16: as rejected on the same basis as claim 1. 
As per claim 17: Refer to claim 5. 

As per claim 18: as rejected on the same basis as claim 4. 
As per claim 19: as rejected on the same basis as claim 15. 
As per claim 23: 

Coile, et al. teaches method for providing a failover for a variety of 
network devices 300,310 such as firewalls (col. 5, lines 7-12) in a network that 
is coupled to the backbone of the Internet (col. 12, line 65 - col. 13, line 4). The 
network includes servers 210,220 and a switch circuit in the form of a failover 
cable 230 (col. 5, lines 43-44). Coile fails to point out that the network includes 
plurality of firewalls. However, Coile did suggest examples of the variety of 
network devices, which includes firewalls (col. 5, lines 7-12). Further, it is 
inherent that plurality of firewalls includes in Coile's invention, so when a 
failure does occur, there is another firewall to take the place of the 
unoperational (failed) firewall to continuously protect the network from harmful 
intruders. Further, there is MAC address for each primary server 210, a 
backup server 220, a primary network device 300, and a secondary network 
device 310 (col. 6, lines 44-45). The failover cable determines the status of the
servers (col. 5, lines 43-48) and the failures of the network devices (col. 6, lines
14-22). The network device periodically exchanges confirmation messages
along the failover cable via the network to indicate that the network has not
failed or sends a failure message indicating the network device has failed
(col. 6, lines 43-67). Once a failure is detected, an active MAC address of a 
functional backup network device replaces the MAC address of the failed 
network device (col. 6, line 67 thru col. 7, line 9). Thus (the Examiner asserts), 
prevents the packets from being relayed to the failed network device, therefore, 
the packets are relayed to the functional network device with the active MAC 
address. 

As per claim 24: See col. 5, lines 26-31. 
As per claim 25: See col. 12, lines 10-41. 
As per claim 26: 

Coile discusses the network device periodically exchanges confirmation 
messages along the failover cable via the network to indicate that the network 
has not failed or sends a failure message indicating the network device has
failed (col. 6, lines 43-67).
As per claim 27: See col. 11, lines 2-8. 
As per claim 28: As rejected on the same basis as claim 4. 
As per claim 29: See col. 11, lines 3-8. 
As per claim 30:

Coile discusses that once a failure is detected, an active MAC
address of a functional backup network device replaces the MAC address of the
failed network device (col. 6, line 67 thru col. 7, line 9). Thus (the Examiner
asserts), prevents the packets from being relayed to the failed network device,
therefore, the packets are relayed to the functional network device with the
active MAC address.

As per claim 37: as rejected on the same basis as claim 14. 
As per claim 38: See col. 7, lines 35-52. 
As per claim 39: as rejected on the same basis as claim 15. 
As per claim 40: 

Coile, et al. teaches method for providing a failover for a variety of 
network devices 300,310 such as firewalls (col. 5, lines 7-12) in a network 
wherein the network includes servers 210,220 and a network flowswitch in the 
form of a failover cable 230 (col. 5, lines 43-44). Coile fails to point out that the 
network includes plurality of firewalls. However, Coile did suggest examples of 
the variety of network devices, which includes firewalls (col. 5, lines 7-12). The 
failover cable is plugged on each side of the firewalls (col. 7, lines 35-52) and the 
network device periodically exchanges confirmation messages along the failover 
cable via the network to indicate that the network has not failed or sends a
failure message indicating the network device has failed (col. 6, lines 43-67).
Once a failure is detected, an active MAC address of a functional backup
network device replaces the MAC address of the failed network device (col. 6,
line 67 thru col. 7, line 9). Coile fails to suggest sending a request message to a
second side of the firewall. It is inherent if Coile can send a request message 
through the firewall by having the MAC address, then it is possible to send a 
request message by using the MAC address to get to the location or to any side 
of the firewall. See Fig. 1 

As per claim 41: See col. 13, lines 12-21 and FIG.9. 

As per claim 42: See col. 13, lines 12-21. 

As per claim 43: As rejected on the same basis as claim 40. 

As per claim 44: See col. 6, lines 43-59. 
As per claim 45: 

Coile teaches the use of NAT where the invention of Coile translates the 
packet addresses (col. 5, lines 60-61). 
As per claim 46: See col. 10, lines 39-42. 
As per claim 47: 

Differs from claim 23, wherein the network includes a second switch 
circuit (col. 10, lines 30-34). 
As per claim 48: See col. 12, lines 25-27. 
As per claim 49: See col. 5, lines 55-58.
As per claim 50: See col. 5, lines 44-45.
As per claim 51:

Coile discloses a flash memory device for storing programs or data
(col. 13, lines 13-14). It is inherent that a memory can have multiple storage 
elements to store the different data needs. 
As per claim 52: See col. 5, lines 43-59. 
As per claim 53: 

Coile discloses request message by ping and ARP methods, however, 
Coile fails to particularly suggest ICMP, for ICMP is similar to the ping method 
but differs that it performs error correction. The Examiner asserts that both 
methods are used to determine whether a destination can be reached and 
provides the status of the firewalls. 
As per claim 54: 

Coile discloses changing address portion of a packet when the backup 
server is active (col. 12, lines 24-32). Otherwise, the Examiner asserts the 
packet will resume the original address and that it is not necessary to modify 
the packet if the first firewall is functional. 
As per claim 55: See col. 12, lines 15-22. 
As per claim 56: See col. 6, lines 2-3. 
As per claim 57: 

Coile, et al. teaches method for providing a failover for a variety of 
network devices 300,310 such as firewalls (col. 5, lines 7-12) in a network. 
Coile fails to point out that the network includes plurality of firewalls. 
However, Coile did suggest examples of the variety of network devices, which
includes firewalls (col. 5, lines 7-12). The network device periodically exchanges
confirmation messages along the failover cable via the network to indicate that
the network has not failed or sends a failure message indicating the network
device has failed (col. 6, lines 43-67). Once a failure is detected, an active MAC
address of a functional backup network device replaces the MAC address of the
failed network device (col. 6, line 67 thru col. 7, line 9). See Fig. 1
As per claim 58: See col. 7, lines 36-52. 
As per claim 59: See FIGURES 8 and 9. 
As per claim 60: See FIGURE 4. 
As per claim 61: 

Coile discloses a method of taking over the active IP address of the 
formerly active device that was deemed a failure. Therefore it is inherent that 
Coile does not change the IP address during the transferring of the packets to 
any of the firewalls. See col. 12, lines 29-31. 
As per claim 62: As rejected on the same basis as claim 61. 
As per claim 63: As rejected on the same basis as claim 15.

Claim Rejections - 35 USC §103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

12. Claims 8-13, 20-22, and 31-36 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Coile, et al. and further in view of Belville, et al. (US 
5,828,833). 

As per claim 8: 

Coile teaches a method and apparatus for providing a failover for 
network devices such as firewalls by sending confirmation messages, ARP 
request, and ping (ICMP) tests to each of the network devices and if there is no 
response, then that network device has failed. However, Coile fails to provide a 
recovery method for the failed firewall. 

Belville, et al. teaches the method for proper recovery if there is a failure 
of the firewall (col. 6, lines 54-55). In addition, Belville teaches the DCE firewall 
application includes a clean-up thread that periodically pings the servers to 
determine if the servers and firewalls are still present and operable (col. 6, lines
36-49).

Therefore, it would have been obvious to one of ordinary skill in the art at
the time the invention were made to employ the teaching of, Belville, within the
system of Coile, because the recovery method for the failed firewall would 
regain the operations of a functional firewall to continue to provide secure 
services of a network (col. 4, lines 50-58 and col. 5, lines 15-17). 
As per claim 9: 

As rejected in claim 8, and further includes where Belville discusses the 
cleanup thread including waiting for a time out period to pass (col. 6, lines 56-63).
Therefore, it would have been obvious to one of ordinary skill in the art at
the time the invention were made to employ the teaching of, Belville, within the
system of Coile, because when the time out passes the privileges are allocated 
so the packet is not transferred to the non-operational firewall. 
As per claim 10: 

The same rationale applies to claim 9, and further includes the time out 
period is greater than or equal to a time period needed for the recovered firewall 
to learn routes to all the known clients. Therefore, it would have been obvious 
to one of ordinary skill in the art at the time the invention were made to employ 
the teaching of, Belville, within the system of Coile, because it is more secure
by having the advantage to have enough time and not less than the time period 
to learn the routes to all known clients. Else, there is no point for the 
recovered firewall to operate as securely as before. See col. 5, lines 3-9 and 
col. 12, lines 47-53.
As per claim 11:

The same rationale applies of claim 8, and further includes where Belville 
discusses periodically pinging the firewall application to see if it is still 
operational. The Examiner asserts if the failed firewall receives a ping and 
responds, then that is an indication the firewall has recovered and is functional 
once again. Therefore, it would have been obvious to one of ordinary skill in 
the art at the time the invention were made to employ the teaching of, Belville,
within the system of Coile, because it is an indication that the firewall has 
regained its operational state. See col. 6, lines 36-55. 
As per claim 12: 

As rejected with the same rationale of claim 8. Also, see col. 9, lines 3-17. 
As per claim 13: 

Coile teaches a method and apparatus for providing a failover for 
network devices such as firewalls by sending confirmation messages, ARP 
request, and ping (ICMP) tests to each of the network devices and if there is no 
response, then that network device has failed. However, Coile fails to provide a 
recovery method for the failed firewall. 

Belville, et al. teaches the method for proper recovery if there is a failure 
of the firewall (col. 6, lines 54-55). In addition, Belville teaches the DCE firewall 
application includes a clean-up thread that periodically pings the servers to 
determine if the servers and firewalls are still present and operable (col. 6, lines 
36-49).

Therefore, it would have been obvious to one of ordinary skill in the art at
the time the invention were made to employ the teaching of, Belville, within the
system of Coile, because the recovery method for the failed firewall would 
regain the operations of a functional firewall to continue to provide secure 
services of a network (col. 4, lines 50-58 and col. 5, lines 15-17). See col.6, lines 
36-55. 

As per claim 20: as rejected on the same basis as claim 81. 
As per claim 21: as rejected on the same basis as claim 11. 
As per claim 22: as rejected on the same basis as claim 13. 
As per claim 31: as rejected on the same basis as claim 8. 
As per claim 32: as rejected on the same basis as claim 9. 
As per claim 33: as rejected on the same basis as claim 10. 
As per claim 34: as rejected on the same basis as claim 11.
As per claim 35: as rejected on the same basis as claim 13. 
As per claim 36: as rejected on the same basis as claim 8. 

Minor Informalities
13. Claim 12 is objected to because of the following informalities:

On line 2, there is an extra "a".
Appropriate correction is required.

Conclusion



Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to LEYNNA T. HA whose telephone 
number is (703) 305-3853. The examiner can normally be reached on Monday 
- Friday (7:00 - 3:30PM). 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, AYAZ SHEIKH can be reached on (703) 305-9648. The 
fax phone numbers for the organization where this application or proceeding is 
assigned are (703) 746-7239 for regular communications and (703) 746-7238 
for After Final communications. 

Any inquiry of a general nature or relating to the status of this 
application or proceeding should be directed to the receptionist whose 
telephone number is (703) 306-5631. 




lha 

July 14, 2003 



AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100



